Millions of users of Apple and Android devices vulnerable to man-in-the-middle attacks on encrypted traffic when they visited supposedly’secured’ websites, including the official websites of the White House, FBI and National Security Agency. The FREAK vulnerability resides in OpenSSL versions 1.01k and earlier, and Apple’s Secure Transport. It is possible to carry out the attack when a user running a vulnerable device currently includes Android smartphones, iPhones and Macs running Apple’s OS X operating system connects to a vulnerable HTTPS-protected website.
Source: https://thehackernews.com/2015/03/freak-openssl-vulnerability.html